Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/jDAJarmbJDmpb6Wbcj0oSyTI-QU.roa
File: jDAJarmbJDmpb6Wbcj0oSyTI-QU.roa (raw, json)
Hash identifier: ml97QdTLFtVKx6jlo8OGhRGz+5rlpj20ZXv04hU+wT4=
Subject key identifier: 8C:30:09:6A:B9:9B:24:39:A9:6F:A5:9B:72:3D:28:4B:24:C8:F9:05
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019819C436261C201811A577D152DA37AAA5
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/jDAJarmbJDmpb6Wbcj0oSyTI-QU.roa
Signing time: Thu 17 Jul 2025 19:02:25 +0000
ROA not before: Thu 17 Jul 2025 19:02:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7843
IP address blocks: 66.9.96.0/20 maxlen: 24
66.117.8.0/22 maxlen: 24
77.223.192.0/21 maxlen: 24
77.223.200.0/23 maxlen: 24
79.139.64.0/23 maxlen: 24
83.142.200.0/21 maxlen: 24
88.135.100.0/22 maxlen: 24
88.135.104.0/21 maxlen: 24
93.119.184.0/21 maxlen: 24
94.26.110.0/23 maxlen: 24
94.101.103.0/24 maxlen: 24
95.178.8.0/21 maxlen: 24
116.50.16.0/21 maxlen: 24
121.127.56.0/21 maxlen: 24
176.222.48.0/22 maxlen: 24
195.133.202.0/23 maxlen: 24
198.145.112.0/22 maxlen: 24
205.134.244.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:19:c4:36:26:1c:20:18:11:a5:77:d1:52:da:37:aa:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jul 17 19:02:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c30096ab99b2439a96fa59b723d284b24c8f905
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e8:9f:3c:7a:c1:f6:27:60:09:13:4a:b9:98:
78:dc:3c:1b:48:2a:fe:7c:08:1d:f7:28:27:40:4b:
41:6a:b8:9a:05:b8:d7:a5:34:82:7c:c1:f8:de:cc:
c8:6b:01:9f:e5:b4:7a:45:c0:56:d2:c1:d0:f1:ab:
fa:c0:c1:7a:3b:3d:4f:c9:64:57:e7:49:10:a6:7c:
40:ad:60:7c:d9:b5:a2:4e:b0:d8:bd:d6:2e:d9:6e:
73:b4:b7:ea:69:11:bf:51:0b:71:b4:5a:28:b5:98:
c9:0c:72:d0:da:69:a7:d2:30:4c:5b:c0:93:70:96:
f0:4b:7a:03:93:74:8a:97:89:d6:5d:23:ea:fd:db:
d2:2b:b8:53:0f:ff:26:58:b6:88:5c:f5:f4:33:37:
5e:bc:73:dc:c1:7b:c9:57:a0:f2:96:5b:cf:6d:ec:
86:72:eb:fb:4b:4f:a3:9c:13:6e:dc:fb:7e:66:6f:
43:2e:84:6b:f8:33:8d:b6:c5:22:aa:66:04:cd:5d:
f5:77:c8:15:f0:ce:db:27:7d:b4:5e:5d:62:68:c4:
64:5b:7c:bf:0c:9d:43:26:2c:a8:5a:28:25:cd:f1:
63:9e:fa:10:54:ef:d2:65:c5:a8:b6:f6:b4:88:79:
bc:5e:9c:77:c2:cb:c6:74:b3:29:58:3f:86:b9:60:
83:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:30:09:6A:B9:9B:24:39:A9:6F:A5:9B:72:3D:28:4B:24:C8:F9:05
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/jDAJarmbJDmpb6Wbcj0oSyTI-QU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.9.96.0/20
66.117.8.0/22
77.223.192.0-77.223.201.255
79.139.64.0/23
83.142.200.0/21
88.135.100.0-88.135.111.255
93.119.184.0/21
94.26.110.0/23
94.101.103.0/24
95.178.8.0/21
116.50.16.0/21
121.127.56.0/21
176.222.48.0/22
195.133.202.0/23
198.145.112.0/22
205.134.244.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:f6:b4:b7:ff:8e:94:8b:24:59:db:3c:73:6f:95:22:7e:cf:
e6:ae:11:bb:b7:86:00:7b:33:02:a0:f6:9b:57:80:be:a3:bc:
26:f2:9f:d4:89:1d:ad:3c:f7:34:cb:26:80:a0:06:18:b4:fe:
89:08:2a:a0:f8:73:03:a1:71:ef:83:ad:de:f9:90:a5:ff:ab:
07:8d:61:cb:58:be:ed:5f:e1:b0:37:7a:7c:9a:4f:7d:49:f7:
99:3f:39:69:b9:15:25:74:01:8b:cb:bd:f6:76:23:ed:3f:19:
05:17:ec:6f:2c:14:e6:5b:f2:2a:ea:e4:5d:1a:6e:98:66:2e:
e3:96:bf:47:c4:4f:cd:da:bd:11:70:9c:42:f7:8d:cc:09:f8:
05:05:13:eb:fe:47:10:d4:d1:4d:4d:9d:fa:79:16:5a:3e:17:
b6:6d:76:d2:f7:f9:a4:00:4a:af:1c:3c:de:1a:b5:c2:dd:ac:
44:36:fa:3c:81:f2:c9:a8:05:40:bc:c2:ac:2c:23:ac:3a:4f:
5b:95:97:70:b7:c3:6a:dc:79:53:96:58:71:2f:d3:9e:e8:e3:
2a:1b:83:64:dd:c5:74:13:24:98:0b:97:2b:d7:7c:e6:bd:f8:
85:17:c8:4f:2e:0d:e5:90:c3:77:47:8e:1e:e7:23:5a:83:3c:
8d:69:13:84
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZgZxDYmHCAYEaV30VLaN6qlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwNzE3MTkwMjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzMwMDk2YWI5OWIyNDM5YTk2ZmE1OWI3MjNkMjg0YjI0YzhmOTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOifPHrB9idgCRNKuZh43DwbSCr+
fAgd9ygnQEtBariaBbjXpTSCfMH43szIawGf5bR6RcBW0sHQ8av6wMF6Oz1PyWRX
50kQpnxArWB82bWiTrDYvdYu2W5ztLfqaRG/UQtxtFootZjJDHLQ2mmn0jBMW8CT
cJbwS3oDk3SKl4nWXSPq/dvSK7hTD/8mWLaIXPX0MzdevHPcwXvJV6DyllvPbeyG
cuv7S0+jnBNu3Pt+Zm9DLoRr+DONtsUiqmYEzV31d8gV8M7bJ320Xl1iaMRkW3y/
DJ1DJiyoWiglzfFjnvoQVO/SZcWotva0iHm8Xpx3wsvGdLMpWD+GuWCDbwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFIwwCWq5myQ5qW+lm3I9KEskyPkFMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvakRBSmFybWJKRG1wYjZXYmNqMG9TeVRJLVFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEBEIJYAME
AkJ1CDAMAwQGTd/AAwQBTd/IAwQBT4tAAwQDU47IMAwDBAJYh2QDBARYh2ADBANd
d7gDBAFeGm4DBABeZWcDBANfsggDBAN0MhADBAN5fzgDBAKw3jADBAHDhcoDBALG
kXADBALNhvQwDQYJKoZIhvcNAQELBQADggEBAAz2tLf/jpSLJFnbPHNvlSJ+z+au
Ebu3hgB7MwKg9ptXgL6jvCbyn9SJHa089zTLJoCgBhi0/okIKqD4cwOhce+Drd75
kKX/qweNYctYvu1f4bA3enyaT31J95k/OWm5FSV0AYvLvfZ2I+0/GQUX7G8sFOZb
8irq5F0abphmLuOWv0fET83avRFwnEL3jcwJ+AUFE+v+RxDU0U1Nnfp5Flo+F7Zt
dtL3+aQASq8cPN4atcLdrEQ2+jyB8smoBUC8wqwsI6w6T1uVl3C3w2rceVOWWHEv
057o4yobg2TdxXQTJJgLlyvXfOa9+IUXyE8uDeWQw3dHjh7nI1qDPI1pE4Q=
-----END CERTIFICATE-----
Generated at Mon Jul 21 23:17:13 2025 by rpki-client